The legislation, among other things, would establish pilot programs to try out “more flexible, competitive purchasing practices” and require that government contracts for AI “to include safety and security terms for data ownership, civil rights, civil liberties and privacy, adverse incident reporting and other key areas,” according to a release.

“Artificial intelligence has the power to reshape how the federal government provides services to the American people for the better, but if left unchecked, it can pose serious risks,” Sen. Gary Peters, D-Mich., who sponsors the bill with Sen. Thom Tillis, R-N.C., said in a statement. “These guardrails will help guide federal agencies’ responsible adoption and use of AI tools, and ensure that systems paid for by taxpayers are being used safely and securely.”

According to the release, the Promoting Responsible Evaluation and Procurement to Advance Readiness for Enterprise-wide Deployment (PREPARED) for AI Act builds on a law passed in 2022 that required agencies to protect privacy and civil rights when purchasing AI. That legislation was also sponsored by Peters. President Joe Biden cited that law in a section of his executive order on AI that directed the Office of Management and Budget to take action on addressing federal AI acquisition. 

The OMB in March asked for input on AI procurement, including how the administration can promote competition and protect the government’s rights to access its data in those contracts. The administration has said it plans to take action on AI procurement later this year.

“As the role of artificial intelligence in the public and private sectors continues to grow, it is crucial federal agencies have a robust framework for procuring and implementing AI safely and effectively,” Tillis said in the release. 

A Senate Homeland Security and Governmental Affairs Committee aide told FedScoop that Peters, who chairs the panel, plans a markup for the bill this summer. Once it’s passed by the panel, the aide said Peters “will keep all options on the table and pursue any path forward, whether that’s advancing the bill as a standalone or as part of a larger vehicle.” 

The bill has the support of Center for Democracy and Technology, Transparency Coalition, the AI Procurement Lab, and the Institute of Electrical and Electronics Engineers (IEEE), according to the release.

The post Bipartisan Senate bill would establish federal AI acquisition guardrails appeared first on FedScoop.

The legislation from Sens. Maria Cantwell, D-Wash., and Jerry Moran, R-Kan., titled the Small Business Artificial Intelligence Training and Toolkit Act, would have the Commerce secretary work with the administrator of the SBA on creating AI training resources for small businesses located in rural areas, Tribal communities, or other underserved regions. The training resources would be centered on artificial intelligence and emerging technologies, including quantum technologies, among other topics.

Those trainings would be provided via grants distributed by the SBA, as well as through gifting from the private sector. The Commerce Department would also submit reports to Congress about the state of the program. The legislation requires Commerce to update these trainings, too. 

“Small businesses are the foundation of the U.S. economy, making up 99 percent of all businesses,” Cantwell said in a statement. “They drive economic growth and innovation. It is essential that all American entrepreneurs — especially our small businesses — have access to AI training and reskilling in the 21st-century marketplace. This bill gives small businesses a boost with new tools to thrive as we step into this innovative era.”

The SBA has already taken some steps to encourage businesses to deploy the technology, though the agency’s ability to inventory its AI use cases has also attracted some scrutiny from Congress.

The post Bipartisan Senate bill calls on Commerce to lead AI push with small businesses appeared first on FedScoop.

In a May memorandum, GSA announced that beginning June 8, the agency would start collecting information for new contracts of all sizes — including “micropurchases” — from software offerers and contractors. That information would attest to government-specified secure software development practices.

Nick Mistry, the chief information security officer for Lineaje, a software supply chain security management company, said in an interview with FedScoop that he believes GSA’s June 8 start for the new guidance is “a really good thing for both the industry and government.”

The self-attestation requirements “will obviously add another step in the process, but it’s a very necessary step,” Mistry said. “Will there be a period of confusion where people don’t know exactly what’s required, both on the government side as well as industry side? But I think those things will just shake out over time. I think the net benefit is all positive.”

A GSA spokesperson said in an email to FedScoop that the agency “held multiple industry listening sessions before crafting our implementation of OMB memos M-22-18 and M-23-16. GSA took feedback from these sessions into consideration while also ensuring we met the deadlines in the OMB memoranda.”

The spokesperson noted that the agency “met the deadline for implementation to best support our customer agencies” and integrated the self-attestation form into its existing IT standards process to make attesting “as frictionless as possible” for the GSA’s vendors. 

The GSA  is encouraging software vendors to create an account on the Cybersecurity and Infrastructure Security Agency’s repository website, the spokesperson added.

In March, CISA released the Secure Software Development Attestation Form, which required the companies that manufacture software used by the federal government to “attest to the adoption of secure development practices.” That form could either be submitted to a repository or emailed to the relevant agency. 

GSA noted in its May memorandum that while the agency already had a requirement for its IT department to “approve software before it could be acquired and used,” the OMB memo mandated the department to update “how it collects, reviews, retains and monitors industry attestation information.”

The post For GSA, a new step to secure the software acquisition process begins appeared first on FedScoop.

The Monday meeting with OpenAI’s Anna Makanju focused on artificial intelligence’s impact on global development, the release stated. Topics included “advancing progress in key sectors like global health and food security, preventing the misuse of AI, and strengthening information integrity and resilience in USAID partner countries.” 

The announcement comes as several federal agencies, including NASA and the Department of Homeland Security, experiment with OpenAI’s technology. USAID is also prioritizing looking at artificial intelligence use cases and is in the midst of developing a playbook for AI in global development. 

“Administrator Power and Vice President Makanju also discussed USAID’s commitment to localization, and the potential for generative AI and other AI tools to support burden reduction for USAID implementing partners – in particular, burdens that disproportionately impact local organizations,” the agency said.

Meanwhile, OpenAI appears to be continuing to look for ways to work with U.S. federal agencies. Makanju, for her part, has previously said that government use of OpenAI tools is a goal for the company. At a conference hosted by the Semafor in April, she said she was “bullish” on government use of the technology because of its role in providing services to people. 

The post OpenAI official meets with the USAID administrator appeared first on FedScoop.

Though Freedom of Information Act requests to the tax agency can still be filed through FOIA.gov, the mail, by fax, or even in person, the IRS’s decision to point online filers to ID.me — whose facial verification technology has, in the past, drawn scrutiny from Congress — has raised some advocates’ eyebrows

Alex Howard, who directs the Digital Democracy Project and also serves on the FOIA Advisory Committee hosted out of the National Archives, said in an email to FedScoop that language on the IRS website seems to encourage ID.me use for faster service. It also doesn’t make significant references to FOIA.gov, a separate governmentwide portal that agencies are supposed to work with by law, he said. 

“While modernizing authentication systems for online portals is not inherently problematic, adding such a layer to exercising the right to request records under the FOIA is overreach at best and a violation of our fundamental human right to access information at worst, given the potential challenges doing so poses,” Howard said. 

The IRS defended its use of the service in responses to FedScoop questions, noting the other ways people can file FOIA requests and that the tool is only required of those seeking to interact with their public records electronically. The agency also said that ID.me follows National Institute of Standards and Technology guidelines for credential authentication services.

“The sole purpose of ID.me is to act as a Credential Service Provider that authenticates a user interested in using the IRS FOIA Portal to submit a FOIA request and receive responsive documents,” a spokesperson for the agency said. “The data collected by ID.me has nothing to do with the processing of a FOIA request.”

The IRS website currently directs people trying to access the agency’s online FOIA portal to use ID.me, which describes itself as a “digital passport” that “simplifies how individuals prove and share their identity online.” According to one IRS page, the “IRS Freedom of Information Act (FOIA) Public Access Portal now uses a sign-on system that requires identity verification.” Those hoping to access online FOIA portal accounts created before June 2023 also must register for ID.me, the site states. 

The ID.me login page directs users to the FOIA portal, stating that those who can’t verify their identity can try visiting the ID.me help page or pursue alternative options. From there, another page tells users to try “another method” for submitting a FOIA. 

The system requires users to upload a picture of their ID: They can choose between taking a selfie and using biometric facial verification software that compares the image to their ID — or wait for a video appointment to confirm their identity. 

The system also appears to prompt users to share their Social Security number and includes terms of service that discuss the handling of biometric data. Two FedScoop reporters tried registering with the system: one had their expired identification rejected and had to attempt again with a passport, while the other’s driver’s license could not be “read” the first time but was accepted during a second attempt in combination with the video selfie. Both FedScoop reporters later received a letter, by mail, notifying them that their personal information was used to access an IRS service using ID.me.

What an ID.me scan looks like when signing into the IRS’s FOIA portal.

The IRS spokesperson said that the collection of a Social Security number is related to the digital authentication process, not the processing of the FOIA request itself, and biometric information is not retained by the IRS. 

“The IRS requires ID.me to delete the selfie and biometric information within 24 hours for taxpayers who verify using the self-service process,” the spokesperson said, adding that “ID.me is also required to delete any video chat recording within 30 days for taxpayers who choose to verify using the video chat pathway.” 

An ID.me spokesperson said in an email to FedScoop that no state or local agency uses the system for identity verification or as authentication for FOIA portals.  

The FOIA portals for the Treasury Department and Social Security Administration do use ID.me, the company spokesperson noted, but both agencies seem to provide more information on alternative submission options to submit requests online. ID.me referred additional questions regarding the IRS’s use of the company’s FOIA portal to the tax agency. Treasury did not respond to a request for comment by the time of publication.

The Social Security Administration offers both ID.me and Login.gov — another government-run ID service — as options to log into its FOIA portal, FOIAXPress Public Access Link. Like the IRS, the SSA said in response to FedScoop questions that mail, fax, email and FOIA.gov are alternatives to filing FOIAs. A Social Security number is not required for accessing FOIAXpress, though it appears to be required for signing into ID.me, which some users might be using to file FOIA requests. 

“In the scenario where a customer uses their ID.me account to access FOIAXpress PAL, the customer selects this sign in option on the login page and is redirected to a webpage on ID.me’s website,” an agency spokesperson said. “If the customer creates an account in this session, ID.me retains info on the registration event in their records.

They continued: “Upon successful account creation, the user is routed back to SSA’s website and allowed access to FOIAXpress PAL. SSA and ID.me retain info on the transaction in our respective records.”

“Submitting a Social Security Number to ID.me is related to the digital identity authentication process; generally it is not required for the FOIA process,” the IRS spokesperson added. 

Albert Fox Cahn, a privacy-focused attorney who directs the Surveillance Technology Oversight Project, expressed concerns about the IRS’s use of ID.me. “This isn’t just creepy and discriminatory, it might break federal law,” he said in a statement to FedScoop. “Under FOIA, public records belong to the public, and no one should have to hand over their biometric data just to see the records they’re entitled to access.” 

The use of ID.me by the government has sparked concerns in the past. In 2022, some members of Congress accused the company of downplaying wait times and misleading people about the way its facial recognition technology worked. The company, meanwhile, has defended its practices, including its work on fighting fraud during the pandemic.

Matt Bracken contributed to this article.

This story was updated June 11, 2024, to update Alex Howard’s professional affiliation.

The post IRS defends use of biometric verification for online FOIA filers appeared first on FedScoop.

The congressional watchdog noted in its release that the VA has implemented six of its 29 open priority recommendations, including the deployment of an automated data tool used to improve acquisition workforce records and taking steps to modernize the agency’s performance management system across the Veterans Health Administration. 

Assessing software licenses, however, is something that the VA needs to address, per the watchdog. In January, the GAO issued a report on software licenses throughout the federal government,  noting that the VA had neglected to regularly compare software license inventories that are currently used with purchase records. 

In the new priority recommendations, GAO noted that the federal government spends more than $100 billion yearly on cyber and IT-related investments. 

“Until VA implements this priority recommendation and consistently tracks and compares its inventories of software licenses to with known purchases, it is likely to miss opportunities to reduce costs on duplicative or unnecessary licenses,” the report states. 

Other high-risk governmentwide areas that could impact the VA, according to the GAO, are “improving the management of IT acquisitions and operations” and “ensuring the cybersecurity of the nation.”

Charles Worthington, the VA’s chief AI and technology officer, said in a recent interview with FedScoop that he believes the VA’s technical infrastructure “is actually on pretty good footing,” pointing to the agency’s migration to the cloud and using commercial products in the software-as-a-service model, “where it makes sense.”

Other priority recommendations from the GAO cover the VA’s electronic health records (EHR) modernization program, including one that directs the agency to implement “leading practices for change management.” The other nine involve evaluating whether the system is “operationally suitable and effective” to ensure that the system satisfies customer needs, establishing “user satisfaction targets” to protect patients’ health and safety from unnecessary risks, and validating that future systems are not deployed too early. 

“Implementing these … recommendations would also help solve existing problems with the system,” the GAO stated.

The post VA software license assessments called out in GAO recommendations appeared first on FedScoop.

Because the tax agency had “not completed its documentation of several elements” of the models used for its National Research Program audits, the IRS could struggle to “retain organizational knowledge, ensure the models are implemented consistently, and make the process more transparent to future users,” according to the Government Accountability Office.

The IRS first piloted AI techniques for sampling tax returns in NRP audits during the 2019 filing season. The tax agency selected 4,000 returns for audit through that new AI-powered methodology, while an equal share was chosen through its traditional selection process. The following year, the NRP sample was approximately 1,500, all selected with the AI-informed process, and in 2021, 4,000 returns were picked based on two different AI samples.

The GAO noted that the implementation of redesigned sample selection processes “can be a complex undertaking,” especially when an emerging technology like AI is added to the mix. With that in mind, the watchdog pointed to the usefulness of its AI accountability framework.

“The AI Framework emphasizes the importance of documentation to help ensure that the AI system’s objectives are met,” the GAO wrote. “It further emphasizes that documentation can offer a way for agencies to provide transparency, such as (1) what the system is for, (2) what it is not for, (3) how it was designed, and (4) what its limitations are.”

The GAO’s audit found that the IRS had fallen short in two framework areas: clearly defining and documenting roles and responsibilities for each step of the AI sample selection process, and documenting the variables used to develop and run those selection models.

As the IRS reviewed the GAO report in April and responded with comments, it made two changes to address the watchdog’s concerns: writing a draft memo that listed the people responsible for steps in the AI development and sample selection process, and updating a technical document with specifics on variables and the code behind the AI models. 

“These actions will increase IRS’s ability to effectively implement and ensure operational effectiveness of the AI models,” the GAO said.

The post IRS dinged by GAO for subpar documentation of AI audit models appeared first on FedScoop.

Mangala Kuppa, who took over as DOL’s chief AI officer this week after previously serving as its deputy CAIO, believes the agency has even more to be confident about when it comes to its work on the technology, possessing a “leg up” on scaling AI quickly.

In an interview with FedScoop, Kuppa pointed to DOL’s previous efforts to modernize internal operations and customer-facing services as part of the department’s journey to implement emerging technologies like AI. Having foundational building blocks and existing infrastructure, along with existing AI applications, has made it “easier” for the agency to scale up, she said. 

“It’s not a ‘big bang’ approach,” said Kuppa, who also serves as DOL’s chief technology officer. “Another aspect that we take very seriously in modernizing is [to] take this opportunity to not just update the technology, but also take this opportunity to re-engineer the business process to help the public.” 

Kuppa pointed to an internal shared services initiative that designated the agency’s Office of the Chief Information Officer to be a “shared services provider for all Departmental IT services.”  That process, Kuppa said, has allowed the department to keep an inventory of all systems and technologies and understand where the legacy systems or opportunities for improvement might exist.

“Using that methodology, we’ve been looking at all high-risk systems, because maybe the technology is very legacy and outdated,” Kuppa said. “We’ve been using that methodology to start those modernization initiatives.”

By considering the age of the technology, the operations burden, security vulnerabilities, regulation compliance and other parameters, DOL came up with a methodology that scores each mission system to determine if it is a candidate for modernization. The agency then looks at the scores on a consistent basis and revises based on new information that becomes available.

These systems can be major: the DOL’s Employment and Training Administration, for example, which provides labor certifications when a company files for hiring an immigrant workforce, was scored for modernization.

“Being an immigrant, I wasn’t aware DOL had a hand in my immigration journey there,” Kuppa said. 

The Technology Modernization Fund has played an “instrumental” role in the department “finding the resources to modernize,” Kuppa said.

She gave the example of using TMF funds to expedite temporary visa applications, which is expected to save 45 days of cycle time for processing labor certification applications.

According to a case study on the TMF site, that project contributed to $1.9 million in annual cost savings, and a key part of the innovation allowed the application forms to auto-populate with the previous year’s information.

“Usually all immigrants eventually start filing for permanent visa applications,” Kuppa said. “Again, you have to repeat the process of labor certification, and so we had two different systems not communicating with each other.”

For Kuppa, modernization is ultimately an exercise in reimagining where new technologies can ultimately be most helpful.

“We have great partnership, we work very closely with our programs and then we have these dialogues every day, in terms of the system’s development lifecycle,” she said. “And that’s how we approach modernization.”

The post Labor Department has ‘a leg up’ on artificial intelligence, new CAIO says appeared first on FedScoop.

The request for information, released Thursday, asks for comments on advancements in existing AI tools and on emerging AI technologies that can benefit the financial sector. The RFI has specific callouts for information on the use of AI in financial products and services, risk management, capital markets, internal operations, customer service, marketing and regulatory compliance. 

“Treasury is proud to be playing a key role in spurring responsible innovation, especially in relation to AI and financial institutions. Our ongoing stakeholder engagement allows us to improve our understanding of AI in financial services,” Under Secretary for Domestic Finance Nellie Liang said in a statement. “The Biden administration is committed to fostering innovation in the financial sector while ensuring that we protect consumers, investors, and our financial system from risks that new technologies pose.”

Treasury listed 19 questions, plus numerous follow-ups, for respondents within its RFI, including: asking for feedback on any AI models that financial institutions are currently using; whether AI use cases differ within institutions; what barriers small banks face in AI deployment; how AI has benefited low-to-moderate income consumers and/or underserved individuals and communities; the extent to which AI models are developed in-house, by third parties or via open-source code; and how industry is applying risk management frameworks to AI use.

During remarks Thursday at the Financial Stability Oversight Council Conference on Artificial Intelligence and Financial Stability in Washington, D.C., Treasury Secretary Janet Yellen touted the release of the RFI as a way of “continuing our stakeholder engagement to improve our understanding of AI in financial services.” Yellen also announced a future roundtable discussion, convened by Treasury’s Federal Insurance Office, on the benefits and challenges of AI use for insurers. 

“FSOC will continue its efforts to monitor AI’s impact on financial stability, facilitate the exchange of information, and promote dialogue among financial regulators,” Yellen said. “Given how quickly AI technology is developing, with fast-evolving potential use cases for financial firms and market participants, scenario analysis could help regulators and firms identify potential future vulnerabilities and inform what we can do to enhance resilience.”

Much of Treasury’s RFI is informed by the agency’s previous work on AI, including a March report that sounded the alarm on AI-specific cybersecurity risks to the financial sector. Just last month, the department issued a national strategy for combating terrorism and other illicit financing, which called out the benefits AI might have in winning that fight.

Closer to home, Treasury has experimented with its own AI use cases, while also engaging in public-private partnerships to ensure that smaller financial institutions have the same defensive AI capabilities as the country’s biggest banks. 

The post Treasury seeks information on AI uses and risks in the financial sector appeared first on FedScoop.

NOAA’s budget request seeks $6.6 billion in discretionary appropriations, an increase of $224.8 million from the enacted level for fiscal year 2024. But under that request, certain programs would still see decreases, which lawmakers on the Environment Subcommittee of the House Science, Space, and Technology Committee called into question Tuesday.

In opening remarks, Rep. Frank Lucas, R-Okla., who chairs the full committee, said he was “extremely disappointed” that NOAA’s proposed budget decreases funding for its Oceanic and Atmospheric Research division and weather and air chemistry research programs. Those programs were given additional responsibilities and increased authorizations under the bipartisan Weather Act Reauthorization passed in April.

“Yes the budget request is simply a request, and at the end of the day Congress controls the purse strings,” Lucas said. “But the budget request is also a message to all stakeholders and industry, and NOAA’s message is this: the need for improved early and accurate forecasting of severe weather is not a priority for this administration.”

Rep. Deborah Ross, D-N.C., the subcommittee’s ranking member, expressed similar concerns in her opening remarks about cuts to programs within the OAR and the National Ocean Service. 

“These funding reductions would negatively impact NOAA’s capacity to execute coastal observations, ecosystem protection, ocean exploration, innovative research, educational outreach and many more important functions that advance the agency’s mission,” Ross said. “I hope we can discuss strategies to continue the essential work of these programs even under the constraints of the Fiscal Responsibility Act.”

The Fiscal Responsibility Act is a compromise deal that temporarily suspended the debt limit and set caps on defense and nondefense discretionary spending through fiscal years 2024 and 2025. That deal has an additional constraint to the budget process, causing agencies to make difficult choices about their investments.

The hearing also comes as science agencies and programs across the government experienced reductions in the fiscal year 2024 appropriations, including OAR. While the budget for 2025 would be an overall increase in discretionary spending for the agency, it would also decrease the agency’s National Ocean Service budget by 14% and the OAR budget by 11%, according to numbers provided by the subcommittee.

NOAA Administrator Rick Spinrad said in his opening remarks that the budget request seeks funding for five areas: investing in the next generation of environmental satellites; addressing climate change through training professionals and expanding technology; providing science and data that informs economic development; improving knowledge-sharing and service delivery in tribal, urban, and rural communities; and reducing the agency’s maintenance backlog. 

Spinrad said NOAA is prioritizing funding for its satellite constellation. That includes development of its Geostationary Extended Observations satellite program, which the agency says aims to expand weather, climate and ocean observations. 

Notably, the National Weather Service also plans to begin transitioning the Advanced Weather Interactive Processing System to a cloud framework. Spinrad said that work “will give forecasters secure remote access to provide in-person, impact-based decision support services to decision-makers anytime, anywhere.”

Another program that received attention for proposed cuts was the U.S. Integrated Ocean Observing System Program, known as IOOS, which uses data and technologies to provide information and forecasts for the ocean, coasts and Great Lakes.

Rep. Suzanne Bonamici, D-Ore., asked Spinrad how the fiscal year 2025 budget request proposes a $32.5 million cut, or 76% reduction, to that program’s funding, adding that she’s “concerned about some kind of budgetary cliff” when funds from the Inflation Reduction Act expire. That bill provided $3.3 billion to NOAA.

Spinrad said IOOS is one of several programs that reflects “the very difficult decisions that we had to make in this budget,” in part because of the constraints under the Fiscal Responsibility Act and the agency’s commitment to sustaining its current work, such as its investment in satellites and ensuring mission-essential functions don’t falter. 

While the IRA is providing some funding for the program, Spinrad said, it’s not one-for-one. He said he’s meeting with IOOS regional directors to understand what the reductions mean. “We’ve directed that data management [and] cyber infrastructure be the specific activity that is sustained,” he said.

Ross also told Spinrad she was concerned about staffing cuts at the National Weather Service, especially as the hurricane season “is predicted to be extremely active.” 

The fiscal year 2024 budget cut roughly 100 positions from the NWS, Ross said, adding that if the fiscal year 2025 budget doesn’t increase staffing to inflation levels, it “could increase the burden on an already strained workforce.” She asked Spinrad how an “austere” staffing budget would impact the service.

“Our ability to bring people on board is not where I want it to be,” Spinrad said, adding that the agency hired 1,700 people last year, but still needs to focus on retention. NWS Director Ken Graham, Spinrad noted, “is working aggressively to optimize the staffing plan” for weather forecast offices.

The post Tough budget decisions for NOAA in focus at House hearing appeared first on FedScoop.